Cybersecurity Recommendations: Response To COVID-19

As the US is responding to the Coronavirus pandemic, companies and government/non-government organizations are recommending or mandating their employees to work from home.

Please remember that this period will be considered a golden opportunity by cyber criminals who are looking to penetrate your cyber defenses and to disrupt your business. We are already seeing this happening.

This presents significant challenges for both IT procurement and management.

We would like to provide some recommendations that may be useful in the current situation that is developing rapidly.

Remember, as security practitioners, this is business as usual for us. The core mission and risks haven’t changed. If you have any concerns about any new risks that you may face, please don’t hesitate to reach out.

Continuouslyscanyour perimeter looking for signs of “shadow IT” setting up rogue remote access services, such as RDP and SSH.

Watch forphishingattempts using the current COVID-19 outbreak as a pre-text.

Secure/order necessarylaptops/desktopsas fast as possible as there may be shortages with the equipment.

If you do not have one in place yet, consider accelerated deployment of anadvanced email protection system(Mimecast, Proofpoint, etc.). If you already use one, make sure that policies are configured properly (i.e. to defend from “impersonation attacks”).

Test your backup solutionto ensure that you can recover data in case of a successful ransomware attack.

Test capacity of yourremote accesssolution (VPN/Virtual Desktop) to ensure ability to support remote workers at a peak load. Address any limitations immediately.

We wish you and your loved ones good health and high spirits in this uncertain time. We appreciate you and your continued trust in us as we care for your organization. We look forward to seeing you on the other side, in-person, soon.